Publishing details
Changelog
sox (14.4.1-3ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: Buffer overflow
- debian/patches/0001-Check-for-minimum-size-sphere-headers.patch: Avoid
integer underflow by validating the header_size_ul for NIST sphere
formatted media files.
- debian/patches/0002-More-checks-for-invalid-MS-ADPCM-blocks.patch: Check
the number of samples in a wav block against the expected samples per
block.
- CVE-2014-8145
* SECURITY UPDATE: Division by zero
- debian/patches/CVE-2017-11332.patch: wav: fix crash if channel count is
zero
- CVE-2017-11332
* SECURITY UPDATE: Division by zero
- debian/patches/CVE-2017-11358.patch: hcom: fix crash on input with
corrupt dictionary
- CVE-2017-11358
* SECURITY UPDATE: Invalid memory read
- debian/patches/CVE-2017-11359.patch: wav: fix crash writing header when
channel count >64k
- CVE-2017-11359
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2017-15370.patch: wav: ima_adpcm: fix buffer overflow
on corrupt input
- CVE-2017-15370
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2017-15371.patch: flac: fix crash on corrupt metadata
- CVE-2017-15371
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2017-15372.patch: adpcm: fix stack overflow with >4
channels
- CVE-2017-15372
* SECURITY UPDATE: Use after free
- debian/patches/CVE-2017-15642.patch: adpcm: fix a user after free and
double free if an empty comment chunk follows a non-empty one.
- CVE-2017-15642
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-18189.patch: Prevent infinite loop caused by
specifying zero channels in a header. Also add an upper bound to prevent
overflow in multiplication
- CVE-2017-18189
-- Mike Salvatore <email address hidden> Thu, 31 Jan 2019 11:22:54 -0500
Builds
Built packages
-
libsox-dev
Development files for the SoX library
-
libsox-fmt-all
All SoX format libraries
-
libsox-fmt-alsa
SoX alsa format I/O library
-
libsox-fmt-alsa-dbgsym
debug symbols for package libsox-fmt-alsa
-
libsox-fmt-ao
SoX Libao format I/O library
-
libsox-fmt-ao-dbgsym
debug symbols for package libsox-fmt-ao
-
libsox-fmt-base
Minimal set of SoX format libraries
-
libsox-fmt-base-dbgsym
debug symbols for package libsox-fmt-base
-
libsox-fmt-mp3
SoX MP2 and MP3 format library
-
libsox-fmt-mp3-dbgsym
debug symbols for package libsox-fmt-mp3
-
libsox-fmt-oss
SoX OSS format I/O library
-
libsox-fmt-oss-dbgsym
debug symbols for package libsox-fmt-oss
-
libsox-fmt-pulse
SoX PulseAudio format I/O library
-
libsox-fmt-pulse-dbgsym
debug symbols for package libsox-fmt-pulse
-
libsox2
SoX library of audio effects and processing
-
libsox2-dbgsym
debug symbols for package libsox2
-
sox
Swiss army knife of sound processing
-
sox-dbgsym
debug symbols for package sox
Package files